Engadget RSS Feedhttps://www.engadget.com/tag/tor/rss.xml
https://www.blogsmithmedia.com/www.engadget.com/media/feedlogo.gif?cachebust=trueEngadget RSS Feedhttps://www.engadget.com/tag/tor/rss.xml
en-usEngadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronicsCopyright 2018 AOL Inc. The contents of this feed are available for non-commercial use only.https://www.engadget.com/2017/12/20/karma-black-anonymous-hotspot-ships-january-15th/https://www.engadget.com/2017/12/20/karma-black-anonymous-hotspot-ships-january-15th/https://www.engadget.com/2017/12/20/karma-black-anonymous-hotspot-ships-january-15th/#comments

Want to keep your internet activity under wraps regardless of what device you're using or where you are? You won't have too much longer to wait. Karma has revealed that its anonymizing Karma Black LTE hotspot will ship on January 15th, with pre-orders open now. Spend $149 ($249 after January 15th), plus $20 per month for security services, and you'll get a portable router that encrypts all your internet traffic while masking your location and other potentially identifying data markers. You can use it to boost the privacy of your home connection, too, and there's the promise of feature expansions that include Tor anonymity network services, antivirus safeguards, ad blocking and parental controls.

Wikipedia is a nigh-essential source of information, but it's usually so accessible in Western countries that users forget when it isn't. Take Turkey, which blocked its citizens from accessing the site in April and rejected an appeal when the Wikimedia Foundation refused to play ball with the government, part of its wider effort to silence online dissent. For citizens in similar countries that crack down on users accessing the free online encyclopedia, there's a new version those governments hopefully can't track -- which operates on the dark web, naturally.

The dark web is no longer just a marketplace for illicit drugs, weapons, and other nefarious material. Mainstream media and social networks, from The New York Timesto Facebook, are also using it to give users an anonymous way to access their sites. These so-called "onion" services can help publishers evade country-specific web censorship, while also delivering their content to people who simply use the Tor Network to surf in private. The tradeoff for anonymity is a sluggish web browsing experience, but it's a sacrifice more than 2 million people are willing to make. Now, with its almost decade-old onion domains getting rusty, Tor is unveiling its next-gen sites, with the focus on strengthening security.

After being rejected by both GoDaddy and Google, neo-Nazi publicationThe Daily Stormer resurfaced today with a Russian domain extension. As Vox reports, Stormer's efforts to secure a Chinese hosting service (DailyStormer.wang) were cut short, so it turned to the Dark Web and then the mainstream internet. A Whois report states that the hosting company is CloudFlare and the IP location is in Arizona. But, the site isn't online as of publication time.

KarmaGO allows users to establish a WiFi connection through 4G via a small portable device, either on a pay-as-you-go basis or through a monthly data plan -- it's particularly popular with business travellers. Karma Black will operate in the same way, but will act as an invisibility cloak for users, encrypting web activity and hiding physical location. It'll also provide beefier protection against intrusive advertising and viruses.

After the demise of Silk Road, the role of the dark web's most notorious black marketplace was assumed by AlphaBay. But The Wall Street Journalreports that the site has now been shuttered, thanks to a joint law enforcement operation between the US, Canada and Thailand. One of its operators, Canadian Alexandre Cazes, was arrested in Thailand, but was found dead in his prison cell earlier this week.

The latest update for privacy-minded folks' favorite way to surf the web should make others' attempts at tracking what they do even more difficult. The Tor browser's 7. 0 version introduces a sandbox feature that, according to an interview on the Tor blog, should "make life a lot harder" for people using a Firefox exploit to discern the identities of a user. "It's like Plato's Allegory of the Cave," Tor developer Yawning Angel said. "The only reality Tor Browser knows is inside of the sandbox (cave). We prevent it from interacting with the rest of your computer (the outside world), except via the Tor Network (shadows on the wall)."

The Dark Web is having a rough time right now... although the victims in this case won't earn too much sympathy. An Anonymous-linked hacker speaking to Motherboardbrought down about a fifth of the Tor network's 'secret' websites (over 10,000 of them) in a claimed vigilante move. The intruder decided to attack a Dark Web hosting service, Freedom Hosting II, after discovering that it was managing child porn sites it had to be aware of -- they were using gigabytes of data each when the host officially allows no more than 256MB. Each site had its usual pages replaced with a message that not only chastised FH2, but offered a data dump (minus user info) and explained the nature of the hack.

Turkey's President Erdogan and the ruling AKP party are increasingly bent on silencing online dissent, and that now affects you even if you're smart enough to evade typical censorship methods. Watchdog group Turkey Blocks has confirmed that Turkey is blocking the Tor anonymity network's direct access mode for most users. You can still use a bridge mode for now, but there are hints that internet providers might be hurting performance even then. The restrictions come alongside a recent government ban on virtual private network services.

The changes to a measure known as Rule 41 were made earlier this year but went into effect Thursday after lots of opposition. Basically, they let any judge issue a warrant to remotely access an unlimited number of computers and devices located in any jurisdiction. There was plenty of objection from senators and congresspeople, groups like the Center for Democracy and Technology and companies such as Google, who said it's unconstitutional and invades citizens' rights to privacy.

The FBI may have scored a big win with operation Playpen, which helped dismantle a ring of TOR-based pedophiles and prosecute its members (thanks, Rule 41), but that was just one battle in the ongoing war against the sexual exploitation of children. That fight is now a bit easier for European law enforcement, which as debuted a new machine learning AI system that hunts for child porn on P2P networks.

It pays to be paranoid in a time of rampant breaches, social media account extortion, identity theft, fake security products, ransomware, and hack attacks on all. That's why we've put together a gift guide for those among us who don't want to find out they have a security issue the hard way. Typically that would include things like VPN subscriptions or password manager recommendations, but that's no fun when it comes time for everyone to open their presents.

That's why we've selected six sweet gadgets that'll protect the privacy and security of those you care about. Carefully screened to keep out the "security snake oil" products flooding the gadget market, our picks have been selected with a keen eye on things that actually work to fight attacks that actually happen.

]]>
adafruitbadpasswordcolumngadgetrygadgetsgeargiftguidehackadaylockpickonionportapowraspberrypirfidsecuritystewartstandtoryubikeyFri, 25 Nov 2016 16:00:00 -050021|21614270https://www.engadget.com/2016/11/01/the-dark-web-isnt-all-guns-and-drugs/https://www.engadget.com/2016/11/01/the-dark-web-isnt-all-guns-and-drugs/https://www.engadget.com/2016/11/01/the-dark-web-isnt-all-guns-and-drugs/#comments
Whenever you hear the phrase "dark web," you instantly imagine stern-faced CNN anchors talking about terrorists, sex criminals and drug dealers. A study from Terbium Labs is looking to dispel those dearly-held notions of what the dark web actually is. According to researchers Dr. Clare Gollnick and Emily Wilson, the dark web is less of a science fair filled with the world's worst people and more like your average teenager's bedroom.

The FBI operated Playpen, a child pornography site on the Dark Web, for nearly two weeks in February 2015, distributing malware to users so the bureau could track suspected pedophiles across the globe. It was a major bust, with the FBI hacking 4,000 computers and leading to charges against 186 people so far, Motherboard reports. This week, a lawyer for one man accused of running Playpen argued that the site operated even better while under the FBI's control, leading to an increase in users and distribution numbers.

Tor has published what it calls a "Social Contract" comprised of promises to users and the principles the team believes in. It has been around for over a decade, so publishing a set of goals and behaviors at this point in time is rather curious. Maybe its developers wanted to show the world that they didn't lose their focus after Jacob Appelbaum, one of Tor's most prominent devs, stepped down in the midst of sexual harassment allegations. Maybe it's because of something else. Whatever the reason is, its social contract contains one interesting pledge: "We will never implement front doors or back doors into our projects," the team wrote.

Jacob Appelbaum isn't going to get any sympathy from the Tor Project over allegations of sexual harassment. An internal investigation at Tor has determined that the claims against Appelbaum, who's accused of humiliating and intimidating women, are accurate. This doesn't mean that charges are forthcoming, but it makes Appelbaum's own denials (he portrays this as a conspiracy to slander his name) less plausible. Appelbaum quit Tor in May, right as the harassment accusations were coming to light.

]]>
cultureharassmentinternetjacobappelbaumservicessexualharassmenttortorprojectwomenintechWed, 27 Jul 2016 15:10:00 -040021|21440133https://www.engadget.com/2016/07/11/mit-anonymity-network-more-secure-than-tor/https://www.engadget.com/2016/07/11/mit-anonymity-network-more-secure-than-tor/https://www.engadget.com/2016/07/11/mit-anonymity-network-more-secure-than-tor/#comments
As crucial as Tor's anonymity network can be for keeping your online activity private, it's not flawless -- a motivated hacker can compromise legions of users, whether they're crooks or privacy-minded innocents. Researchers from MIT and EPFL might have a better way. They've developed an anonymity network, Riffle, that promises to maintain privacy so long as at least one server is safe.

In the legal back-and-forth surrounding the FBI's hack and subsequent arrest of 1,500 users of a dark web child pornography site called Playpen, the FBI has now moved to classify the Tor Browser exploit they used, Motherboard reports, citing reasons of national security. Last month, Mozilla -- whose code much of the Tor Browser is based on -- asked the FBI to identify the exploit the agency used to install location-tracking malware on users' computers. That request was approved and then quickly thrown out by a judge in Washington state, who reversed his decision when the Justice Department also convinced him that the exploit was a matter of national security.

The FBI did not need a warrant to hack a US citizen's computer, according to a ruling handed down on Tuesday by Senior US District Court Judge Henry Coke Morgan, Jr. If the decision is upheld, it may have ripple effects that essentially allow government agencies to remotely search and seize information from any computer in the US without a warrant, probable cause or suspicion, the EFF argues.

]]>
culturefbigovernmenthackhackinginternetoperationpacifierpersonal computingpersonalcomputingplaypenpoliticssecuritytorFri, 24 Jun 2016 15:40:00 -040021|21401575https://www.engadget.com/2016/06/15/more-women-accuse-former-tor-developer-of-sexual-misconduct/https://www.engadget.com/2016/06/15/more-women-accuse-former-tor-developer-of-sexual-misconduct/https://www.engadget.com/2016/06/15/more-women-accuse-former-tor-developer-of-sexual-misconduct/#comments
Two more women have stepped forward to accuse former Tor project developer Jacob Appelbaum of sexual harassment. That brings the total accusations against Appelbaum to at least eight, as recorded on JacobAppelbaum.net, a website created to raise awareness of his behavior.

It's clear that authorities want Silk Road 2.0's operators to face stiff penalties for running an online black market... even when they're not the top dogs. A federal judge has sentenced Brian Farrell, a key assistant to site architect Blake Benthall, to 8 years in prison. Farrell had pleaded guilty in March to conspiring to sell illegal drugs (including cocaine, heroin and meth) through the Dark Web portal, which emerged just weeks after law enforcement shut down the original Silk Road in fall 2013.

Mozilla has to take another approach if it wants to discover and fix the vulnerability feds exploited to infiltrate a child porn website. Washington US District Judge Robert Bryan has thrown out the organization's request for the security flaw's details. If you'll recall, the FBI seized the server of a child porn website on the Tor network called Playpen in early 2015. They then used a flaw in the Tor browser, which is based on Mozilla Firefox, to install malware that pointed agents to users' locations. They nabbed over a hundred people from that sting, including a defendant in one of Bryan's cases.

Not long ago, the content delivery provider CloudFlare claimed that a whopping 94 percent of the requests it gets from people using the Tor anonymizing network are malicious. It needs strict, Tor-specific security measures (such as demanding that visitors see CAPTCHAs) to protect its website customers against attacks, the company says. Well, the Tor team isn't having any of it -- it's accusing CloudFlare of both mischaracterizing Tor users and blocking innocents in the name of overzealous security.

A judge has ordered the Federal Bureau of Investigation to turn over the complete code it used to infiltrate a child pornography site on the Dark Web, Motherboard reports. The FBI seized the Tor-based site known as "Playpen" in February 2015 and kept it running via its own servers for two weeks -- during this time, the bureau deployed a hacking tool that identified at least 1,300 IP addresses of visitors to the site worldwide.

If you still assume you don't forfeit the right to privacy by going online, there are very few truly secure OS options. The best one might be the Linux flavor called Tails, recommended by none other than Edward Snowden. Its encrypted apps include email and messaging clients, a web browser, and of course, the anonymizing Tor network.The folks behind the open-source program have just launched version 2.0, with a new UI and numerous security fixes.